www.forbes.com
Kaspersky has disclosed Mercedes-Benz car hacking threat.POOL/AFP via Getty ImagesIts worrying enough that hackers are targeting your account passwords, your iPhone and even your, erm, sex toys. But when they come for your Mercedes-Benz, well, thats a step too far. Heres everything you need to know about the Mercedes-Benz security vulnerability that could give a car hacker access to your vehicle infotainment system.Hacking The Mercedes-Benz Infotainment SystemA newly published report by security researchers from Kaspersky has revealed how they found a total of 13 vulnerabilities in the first-generation Mercedes-Benz User Experience infotainment system. The Kaspersky Security Services research revealed how some of these vulnerabilities could be used by hackers, if successfully exploited, to launch denial-of-service attacks, escalate user privileges and potentially steal data. The report also confirmed that hackers could, if they had physical access to the vehicle, unlock paid services and even disable anti-theft protections.A Mercedes-Benz statement said: The topic described by the researchers requires physical access to the vehicle on-site as well as access to the interior of the vehicle. In addition, the head unit has to be removed and opened. Newer versions of the infotainment system are not affected. The statement also confirmed that Mercedes-Benz had been aware of the security issues since August 2022, when a team of external security researchers contacted us regarding the first generation MBUX Mercedes-Benz User Experience.The vulnerabilities have all now been patched.MORE FOR YOUSecurity Professionals Respond To The Mercedes-Benz Hacking Research"The exploitation of Mercedes-Benz user experience systems is a stark reminder of the evolving attack surface presented by connected devices and embedded systems in modern vehicles, Jamie Akhtar, CEO at CyberSmart, said. This incident highlights the increasing convergence of cybersecurity and the automotive industry, where software vulnerabilities can expose both users and manufacturers to significant risks."The recent report about Kaspersky researchers identifying vulnerabilities in the Mercedes-Benz infotainment system highlights the importance of tighter collaboration between researchers, manufacturers, and the wider cybersecurity ecosystem to keep drivers safe, Anna Collard, an evangelist at KnowBe4, said. Although it is wise to remember that no access to critical vehicle functions were made possible by the vulnerabilities that the Kaspersky researchers disclosed, Collard said, the ability to manipulate the infotainment system could still pose safety risks by distracting drivers with unexpected visuals or flashing lights.